[Mazdaspeed6]

While poking around in my logs folder i came across a large auth.log file. I opened it and found ALOT of entries of random username attempts to access ssh on my POGO V2. I dont see where they gained access but this has me worrying. How can stop this? I tried fail2ban and kept getting errors when starting it and the same with SSHGUARD that i beleive was related to the errors with iptables i was getting. I only really need to access SSH locally, so would it be best to some how block SSH to allow only local IP's or is there a better way?
I know that strong passwords are the best way to prevent this but wanted to know what else i can do

thanks

[WarheadsSE]

Either turn off port forwarding, since the device shouldn't be directly attached to the internet, or change the port for obscurity. Either way consider switching to key based authentication instead of password over SSH.

[Mazdaspeed6]

i will probably just disable port forwarding then. I am also running FTP. is there a way to further secure that?

I have transmission/deluge running as a daemon as well but i dont think they are any risk..there password protected as well.

[WarheadsSE]

Personally I use sftp instead of FTP.

Edit: dyac

[TheWalt]

For SSH access I changed the incoming port to something obscure in the router and mapped it to port 22 on the actual device, pretty easy to do. Also, I use a program like filezilla that supports secure ftp over ssh to transfer files to eliminate the need for FTP running.